Tag
Grav CMS is vulnerable to an unauthenticated path traversal vulnerability within the FormFlash component, allowing attackers to create arbitrary directories and write files, leading to configuration injection and potential denial of service; fixed in version 2.0.0-beta.2.